shadow/man/shadow.3.xml

200 lines
6.7 KiB
XML
Raw Normal View History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
"http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
<refentry id='shadow.3'>
<!-- $Id: shadow.3.xml,v 1.5 2005/04/27 16:44:12 kloczek Exp $ -->
<refmeta>
<refentrytitle>shadow</refentrytitle>
<manvolnum>3</manvolnum>
</refmeta>
<refnamediv id='name'>
<refname>shadow</refname>
<refpurpose>encrypted password file routines</refpurpose>
</refnamediv>
<refsect1 id='syntax'>
<title>SYNTAX</title>
<para>
<emphasis remap='B'>#include &lt;shadow.h&gt;</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *getspent();</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *getspnam(char</emphasis>
<emphasis remap='I'>*name</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>void setspent();</emphasis>
</para>
<para>
<emphasis remap='B'>void endspent();</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *fgetspent(FILE</emphasis>
<emphasis remap='I'>*fp</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>struct spwd *sgetspent(char</emphasis>
<emphasis remap='I'>*cp</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>int putspent(struct spwd</emphasis>
<emphasis remap='I'>*p,</emphasis>
<emphasis remap='B'>FILE</emphasis>
<emphasis remap='I'>*fp</emphasis><emphasis remap='B'>);</emphasis>
</para>
<para>
<emphasis remap='B'>int lckpwdf();</emphasis>
</para>
<para>
<emphasis remap='B'>int ulckpwdf();</emphasis>
</para>
</refsect1>
<refsect1 id='description'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='I'>shadow</emphasis>
manipulates the contents of the shadow password file,
<filename>/etc/shadow</filename>.
The structure in the <emphasis remap='I'>#include</emphasis> file
is
</para>
<para>struct spwd {
<!-- .in +.5i -->
<!-- .br -->
char *sp_namp; /* user login name */
<!-- .br -->
char *sp_pwdp; /* encrypted password */
<!-- .br -->
long int sp_lstchg; /* last password change */
<!-- .br -->
long int sp_min; /* days until change allowed. */
<!-- .br -->
long int sp_max; /* days before change required */
<!-- .br -->
long int sp_warn; /* days warning for expiration */
<!-- .br -->
long int sp_inact; /* days before account inactive */
<!-- .br -->
long int sp_expire; /* date when account expires */
<!-- .br -->
unsigned long int sp_flag; /* reserved for future use */
<!-- .br -->
<!-- .in \-.5i -->
}
</para>
<para>The meanings of each field are</para>
<para>sp_namp - pointer to null-terminated user name.
<!-- .br -->
sp_pwdp - pointer to null-terminated password.
<!-- .br -->
sp_lstchg - days since Jan 1, 1970 password was last changed.
<!-- .br -->
sp_min - days before which password may not be changed.
<!-- .br -->
sp_max - days after which password must be changed.
<!-- .br -->
sp_warn - days before password is to expire that user is warned
of pending password expiration.
<!-- .br -->
sp_inact - days after password expires that account is considered
inactive and disabled.
<!-- .br -->
sp_expire - days since Jan 1, 1970 when account will be disabled.
<!-- .br -->
sp_flag - reserved for future use.
</para>
</refsect1>
<refsect1 id='description2'>
<title>DESCRIPTION</title>
<para>
<emphasis remap='B'>getspent</emphasis>, <emphasis
remap='B'>getspname</emphasis> <emphasis
remap='B'>fgetspent</emphasis>, and <emphasis
remap='B'>sgetspent</emphasis> each return a pointer to a <emphasis
remap='B'>struct spwd</emphasis>. <emphasis
remap='B'>getspent</emphasis> returns the next entry from the file,
and <emphasis remap='B'>fgetspent</emphasis> returns the next entry
from the given stream, which is assumed to be a file of the proper
format. <emphasis remap='B'>sgetspent</emphasis> returns a pointer to
a <emphasis remap='B'>struct spwd</emphasis> using the provided string
as input. <emphasis remap='B'>getspnam</emphasis> searches from the
current position in the file for an entry matching <emphasis
remap='B'>name</emphasis>.
</para>
<para><emphasis remap='B'>setspent</emphasis> and <emphasis
remap='B'>endspent</emphasis> may be used to begin and end,
respectively, access to the shadow password file.
</para>
<para>The <emphasis remap='B'>lckpwdf</emphasis> and <emphasis
remap='B'>ulckpwdf</emphasis> routines should be used to insure
exclusive access to the <filename>/etc/shadow</filename> file.
<emphasis remap='B'>lckpwdf</emphasis> attempts to acquire a lock
using <emphasis remap='B'>pw_lock</emphasis> for up to 15 seconds. It
continues by attempting to acquire a second lock using <emphasis
remap='B'>spw_lock</emphasis> for the remainder of the initial 15
seconds. Should either attempt fail after a total of 15 seconds,
<emphasis remap='B'>lckpwdf</emphasis> returns -1. When both locks are
acquired 0 is returned.
</para>
</refsect1>
<refsect1 id='diagnostics'>
<title>DIAGNOSTICS</title>
<para>Routines return NULL if no more entries are available or if an
error occurs during processing. Routines which have <emphasis
remap='B'>int</emphasis> as the return value return 0 for success and
-1 for failure.
</para>
</refsect1>
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>These routines may only be used by the super user as access to the
shadow password file is restricted.
</para>
</refsect1>
<refsect1 id='files'>
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/shadow</filename></term>
<listitem>secure user account information</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id='see_also'>
<title>SEE ALSO</title>
<para>
<citerefentry>
<refentrytitle>getpwent</refentrytitle><manvolnum>3</manvolnum>
</citerefentry>,
<citerefentry>
<refentrytitle>shadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
</para>
</refsect1>
<refsect1 id='author'>
<title>AUTHOR</title>
<para>Julianne Frances Haugh (jockgrrl@ix.netcom.com)</para>
</refsect1>
</refentry>